The problem
Autonomous vehicles, AI agents, and machines increasingly pay for real-world services: parking, charging, tolls. Existing payment systems assume a human present, per-transaction approval, or always-on connectivity—none of which work for machines operating at scale.
How MPCP works
A Policy Authority issues a signed PolicyGrant that defines what a machine can spend — purposes, destinations, and budget ceiling. The machine's wallet signs a per-payment SBA within those bounds. A Trust Gateway verifies the full chain before submitting the XRPL transaction.
MPCP is to machine payments what OAuth is to API authorization.
View the Fleet-EV reference flow → View the Human-Agent reference flow →Key characteristics
- Bounded authorization — Pre-authorized budgets with purpose, destination, and rail constraints
- Deterministic verification — Every settlement verifiable against the signed authorization chain
- XRPL-native — Settles on the XRP Ledger;
allowedRails: ["xrpl"]is the conformance requirement - Gateway enforcement — Trust Gateway validates the full chain before settlement executes
- Offline-capable — Pre-loaded grants and Trust Bundles enable payments without connectivity
- Policy-first — All spending derives from PA-signed PolicyGrants with explicit constraints